Closed esben-2gcloud closed 9 months ago
Hello,
The below error indicates you cannot access your MISP server from where you are running the misp2sentinel integration.
Result: Failure Exception: PyMISPError: Unable to connect to MISP (https://misp-2gcloud.westeurope.cloudapp.azure.com/). Please make sure the API key and the URL are correct (http/https is required): HTTPSConnectionPool(host='misp-2gcloud.westeurope.cloudapp.azure.com', port=443): Max retries exceeded with url: /servers/getVersion (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3102e4deb0>: Failed to establish a new connection: [Errno 110] Connection timed out')) Stack: File "/azure-functions-
This can be a firewall, proxy or DNS problem.
I does not seem to be a problem in the access, its accesseble by public ip, and we can use postman to see it pull data. Some how it still does not seem to work, and gives the same error.
The first lines in the error log indicate that there is a connection issue. Maybe try directly with the IP and check you use a valid API key?
I does not seem to be a problem in the access, its accesseble by public ip
Do you mean publicly be everyone? At least from some locations there seems to be some sort of filtering in place.
Closing pending feedback
i get this error trying to get the misp feed to our sentinel. I have followed the guide, and im now clueless to what the mistake might be: Result: Failure Exception: PyMISPError: Unable to connect to MISP (https://misp-2gcloud.westeurope.cloudapp.azure.com/). Please make sure the API key and the URL are correct (http/https is required): HTTPSConnectionPool(host='misp-2gcloud.westeurope.cloudapp.azure.com', port=443): Max retries exceeded with url: /servers/getVersion (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3102e4deb0>: Failed to establish a new connection: [Errno 110] Connection timed out')) Stack: File "/azure-functions-host/workers/python/3.9/LINUX/X64/azure_functions_worker/dispatcher.py", line 479, in _handleinvocation_request call_result = await self._loop.run_in_executor( File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run result = self.fn(*self.args, self.kwargs) File "/azure-functions-host/workers/python/3.9/LINUX/X64/azure_functions_worker/dispatcher.py", line 752, in _run_sync_func return ExtensionManager.get_sync_invocation_wrapper(context, File "/azure-functions-host/workers/python/3.9/LINUX/X64/azure_functions_worker/extension.py", line 215, in _raw_invocation_wrapper result = function(args) File "/home/site/wwwroot/MISP2Sentinel/init.py", line 112, in main pmain() File "/home/site/wwwroot/MISP2Sentinel/init.py", line 102, in pmain push_to_sentinel(key, value['id'], value['secret'], value['workspaceid']) File "/home/site/wwwroot/MISP2Sentinel/init.py", line 87, in push_to_sentinel parsed_indicators, total_indicators = _get_misp_events_stix() File "/home/site/wwwroot/MISP2Sentinel/init.py", line 25, in _get_misp_events_stix misp = ExpandedPyMISP(config.misp_domain, config.misp_key, config.misp_verifycert, False) File "/home/site/wwwroot/.python_packages/lib/site-packages/pymisp/api.py", line 212, in init__ raise PyMISPError(f'Unable to connect to MISP ({self.root_url}). Please make sure the API key and the URL are correct (http/https is required): {e}')